Anti-aimbot proxy (20070514)

When i run this proggy it makes me have 3k ping when people around are jumping :/

Quote:

Originally posted by puzzlebird@Apr 5 2007, 16:37 So, let me try to figure it out. My suspection this IP is one of the game server. Could you tell me what's server name you tested, and I will show you if this IP is TQ game server. For example: 64.151.71.188 is the IP for "Eternity". And this is its DNS registration. OrgName: ServePath, LLC OrgID: SERVEP Address: 360 Spear Street. Address: Suite 200 City: San Francisco StateProv: CA PostalCode: 94105 Country: US

No, any TQ based IP returns, as you proved yourself, to belong to Servepath or whatever it's called.
I have seen the account and Pyramid Game Server IP, I see those two but ALSO that IP.

Quote:

Originally posted by andyd123+Apr 6 2007, 09:55--></span><table border='0' align='center' width='95%' cellpadding='3' cellspacing='1'><tr><td>QUOTE (andyd123 @ Apr 6 2007, 09:55)</td></tr><tr><td id='QUOTE'> <!--QuoteBegin--puzzlebird@Apr 5 2007, 16:37 So, let me try to figure it out. My suspection this IP is one of the game server. Could you tell me what's server name you tested, and I will show you if this IP is TQ game server. For example: 64.151.71.188 is the IP for "Eternity". And this is its DNS registration. OrgName: ServePath, LLC OrgID: SERVEP Address: 360 Spear Street. Address: Suite 200 City: San Francisco StateProv: CA PostalCode: 94105 Country: US

No, any TQ based IP returns, as you proved yourself, to belong to Servepath or whatever it's called.
I have seen the account and Pyramid Game Server IP, I see those two but ALSO that IP. [/b][/quote]
I have tested our proxy with 30man many times and did not see any traffic goes to the IP you specified.

If you insist this program connects IP that is NOT TQ game IP, the best way to justify to is to get DM sniffer the packet. If DM also prove the proxy goes to other IPs (which we do not belive so), we will appologize publicly and remove this program.

On the other hand, if DM does not see any suspecious traffic, I wish Andy you apologize for the confusion caused by the comments you have made. Just be responsible for what you have trying to hint.

On the other hand, I will persude 30man to submit source code to DM for review.

;-( I should not get involved in this CO2 mess as I have been out for quite time, but all these make me headache again.

Don't worry, I'll openly say sorry If I am wrong.

I trust you, pb, just not this 30man, despite what you say.

But if in the event I am wrong, I still strongly at LEAST placing a warning IN BOLD, UNDERLINED, RED FONT stating that you CAN EASILY BE BANNED for using this program.

Not saying its BECAUSE of the program, but because it is VERY EASILY recognized, as is mine, therefore I have a banned account that does precisely what this program does, though I'm pretty sure my personally created aimbot can take care of anyone who uses this, and if it can't, I can personally kill ya. :)

Just, DM, I SERIOUSLY RECOMMEND that you add that warning to the original post, as well as 30man adding it to the read-me, it'll save you more trouble from angry noobs then you need.

.................................................. .................................................. .................................................. .................................................. ...............Released to noobs who will abuse it now................

Mod please remove this know. Were looking who is responsible for this leak of a certain packet.

Its freaken stickied do you think they'll remove it........pisses me off now something good ruined.

Quote:

Originally posted by XtremeX-CO@Apr 6 2007, 04:03 Mod please remove this know. Were looking who is responsible for this leak of a certain packet.

Hi,

I guess you yet to show us where it was leak from and I have no control of it (leak from).

DM

Quote:

Originally posted by DM2000+Apr 6 2007, 04:29--></span><table border='0' align='center' width='95%' cellpadding='3' cellspacing='1'><tr><td>QUOTE (DM2000 @ Apr 6 2007, 04:29)</td></tr><tr><td id='QUOTE'> <!--QuoteBegin--XtremeX-CO@Apr 6 2007, 04:03 Mod please remove this know. Were looking who is responsible for this leak of a certain packet.

Hi,

I guess you yet to show us where it was leak from and I have no control of it (leak from).

DM [/b][/quote]
A packet used in this program has been leaked, is what he means.
It's highly probable that parts of this program's code was modified and reproduced in C# format from a Java program, not QOProxy.

DM, until we can figure it out, can you remove the download link itself?

Quote:

Originally posted by XtremeX-CO@Apr 6 2007, 04:03 Mod please remove this know. Were looking who is responsible for this leak of a certain packet.

Hi XtremeX-CO:

I do respect you as the pioneer of this forum, but if teleport packet is the ONLY way you are aware to dodge aimbot, please do not assume we do not know other ways.

We have figured at least two ways to dodge aimbot in addition to teleport packet. The one we released is most effective (and less obvious) as compared with teleport. And figuring out the structure of teleport packet is not difficult as all, just try to capture all the packets from CO2 client, and try to reproduce from the proxy to test effect, you can figure out most of functions of packets easily.

Besides, there is already "hint" from QoProxy code that how teleport packet used to work. The only think changed is what's the subfunction it used. You simply try from 0x00 to 0xff from proxy to client and check client/server response, it is not difficult to get it work again.

After the source code being review by DM, he will understand that no teleport packet is used and how we fool the server (we are smart ;-p)

Regards,

30man

Quote:

Originally posted by 30man+Apr 5 2007, 22:01--></span><table border='0' align='center' width='95%' cellpadding='3' cellspacing='1'><tr><td>QUOTE (30man @ Apr 5 2007, 22:01)</td></tr><tr><td id='QUOTE'> <!--QuoteBegin--XtremeX-CO@Apr 6 2007, 04:03 Mod please remove this know. Were looking who is responsible for this leak of a certain packet.

Hi XtremeX-CO:

I do respect you as the pioneer of this forum, but if teleport packet is the ONLY way you are aware to dodge aimbot, please do not assume we do not know other ways.

We have figured at least two ways to dodge aimbot in addition to teleport packet. The one we released is most effective (and less obvious) as compared with teleport. And figuring out the structure of teleport packet is not difficult as all, just try to capture all the packets from CO2 client, and try to reproduce from the proxy to test effect, you can figure out most of functions of packets easily.

Besides, there is already "hint" from QoProxy code that how teleport packet used to work. The only think changed is what's the subfunction it used. You simply try from 0x00 to 0xff from proxy to client and check client/server response, it is not difficult to get it work again.

After the source code being review by DM, he will understand that no teleport packet is used and how we fool the server (we are smart ;-p)

Regards,

30man [/b][/quote]
hey bud..you had a good idea, but dont work to good, to other ppl it looks like your speed hacking when you turn anti aimbot on, and what did you do to cyclone :S it dissconnects if you just to fast

@man: If you can edit packets, that would mean you have the encryption code for the packets, right? Would you mind pming me it if its not a trouble.

@Lake: I couldnt quiet work out how to change Proxy so i can run both at once, wot do i edit?

Hi,

I had examined the source code and did not found any keylogger and suspicious packet.
I ran the packet sniffer program and found no suspicious IP.

I guess 30man still could improve it.

A simple advice, use at your own risk as GM and others could record your move.

DM

Hi,Someone can post the sever.dat ? i dont know change it :s(im dumb) XD , bb and ty for the attetion :bandit: :?